public class SecureSM extends SecurityManager
There are a few major problems that require custom SecurityManager logic to fix:
exitVM permission is implicitly granted to all code by the default Policy implementation. For a server app, this is not wanted.
modifyThread/modifyThreadGroup. Applications are encouraged to override the logic here to implement a stricter policy.
modifyThread is abused by its shutdown checks. This means a thread must have modifyThread to even terminate its own pool, leaving system threads unprotected.
exitVM calls, and provides a whitelist where calls
from exit are allowed.
Additionally it enforces threadgroup security with the following rules:
modifyThread and modifyThreadGroup are required for any thread access
checks: with these permissions, access is granted as long as the thread group is
the same or an ancestor (sourceGroup.parentOf(targetGroup) == true).
ThreadPermission can violate
threadgroup security rules.
If java security debugging (java.security.debug) is enabled, and this SecurityManager
is installed, it will emit additional debugging information when threadgroup access checks fail.
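
The threadgroup rule above and the regular-expression exit allow-list that `SecureSM(String[] classesThatCanExit)` takes, sketched in plain Java as an added example (not SecureSM's source). `SecureSmRulesDemo`, `mayAccess`, `mayExit`, `exitCalledFrom`, the `com.example` names, the constructed stack frames and the deny-by-default when no exit frame is found are assumptions of this sketch.

```java
import java.util.regex.Pattern;

// Added illustration, not SecureSM's source. Class, method and sample names are constructed.
public class SecureSmRulesDemo {
    // Thread rule: allowed only when the caller's group is the target group or an ancestor.
    static boolean mayAccess(ThreadGroup source, ThreadGroup target) {
        return source.parentOf(target);
    }

    // Exit rule: skip the System.exit / Runtime.exit / Runtime.halt frames, then test the
    // class of the first frame beneath them (the real caller) against the allow-list regexes.
    static boolean mayExit(StackTraceElement[] stack, String[] classesThatCanExit) {
        boolean sawExitFrame = false;
        for (StackTraceElement frame : stack) {
            String cls = frame.getClassName(), method = frame.getMethodName();
            boolean exitFrame = (cls.equals("java.lang.System") && method.equals("exit"))
                    || (cls.equals("java.lang.Runtime") && (method.equals("exit") || method.equals("halt")));
            if (exitFrame) {
                sawExitFrame = true;
            } else if (sawExitFrame) {
                for (String regex : classesThatCanExit) {
                    if (Pattern.matches(regex, cls)) return true;
                }
                return false; // caller matched nothing on the allow-list
            }
        }
        return false; // no exit frame or no caller found: deny (assumed default)
    }

    // Constructed stack, most recent frame first, as Thread.getStackTrace() orders it.
    static StackTraceElement[] exitCalledFrom(String callerClass) {
        return new StackTraceElement[] {
            new StackTraceElement("java.lang.Runtime", "exit", "Runtime.java", 1),
            new StackTraceElement("java.lang.System", "exit", "System.java", 1),
            new StackTraceElement(callerClass, "run", "Constructed.java", 1),
        };
    }

    public static void main(String[] args) {
        ThreadGroup app = new ThreadGroup("app");
        ThreadGroup plugin = new ThreadGroup(app, "plugin");
        System.out.println("app -> plugin: " + mayAccess(app, plugin));
        System.out.println("plugin -> app: " + mayAccess(plugin, app));
        String[] allow = { "com\\.example\\.testrunner\\..*" }; // constructed pattern
        System.out.println("runner exits: " + mayExit(exitCalledFrom("com.example.testrunner.Main"), allow));
        System.out.println("plugin exits: " + mayExit(exitCalledFrom("com.example.plugin.Task"), allow));
        System.out.println("empty list:   " + mayExit(exitCalledFrom("com.example.testrunner.Main"), new String[0]));
    }
}
```
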
Fields inherited from class java.lang.SecurityManager: inCheck

| Constructor and Description |
|---|
| SecureSM()<br>Creates a new security manager where no packages can exit nor halt the virtual machine. |
| SecureSM(String[] classesThatCanExit)<br>Creates a new security manager with the specified list of regular expressions that class names will be tested against to check whether or not a class can exit or halt the virtual machine. |

| Modifier and Type | Method and Description |
|---|---|
| void | checkAccess(Thread t) |
| void | checkAccess(ThreadGroup g) |
| void | checkExit(int status) |
| protected void | checkThreadAccess(Thread t) |
| protected void | checkThreadGroupAccess(ThreadGroup g) |
| static SecureSM | createTestSecureSM()<br>Creates a new security manager with a standard set of test packages being the only packages that can exit or halt the virtual machine. |
| protected void | innerCheckExit(int status)<br>The "Uwe Schindler" algorithm. |

Methods inherited from class java.lang.SecurityManager: checkAccept, checkAwtEventQueueAccess, checkConnect, checkConnect, checkCreateClassLoader, checkDelete, checkExec, checkLink, checkListen, checkMemberAccess, checkMulticast, checkMulticast, checkPackageAccess, checkPackageDefinition, checkPermission, checkPermission, checkPrintJobAccess, checkPropertiesAccess, checkPropertyAccess, checkRead, checkRead, checkRead, checkSecurityAccess, checkSetFactory, checkSystemClipboardAccess, checkTopLevelWindow, checkWrite, checkWrite, classDepth, classLoaderDepth, currentClassLoader, currentLoadedClass, getClassContext, getInCheck, getSecurityContext, getThreadGroup, inClass, inClassLoader

public SecureSM()

public SecureSM(String[] classesThatCanExit)
Parameters: classesThatCanExit - the list of classes that can exit or halt the virtual machine

public static SecureSM createTestSecureSM()
org.apache.maven.surefire.booter.
com.carrotsearch.ant.tasks.junit4.
org.eclipse.internal.junit.runner.
com.intellij.rt.execution.junit.

public void checkAccess(Thread t)
Overrides: checkAccess in class SecurityManager

public void checkAccess(ThreadGroup g)
Overrides: checkAccess in class SecurityManager

protected void checkThreadAccess(Thread t)

protected void checkThreadGroupAccess(ThreadGroup g)

public void checkExit(int status)
Overrides: checkExit in class SecurityManager

protected void innerCheckExit(int status)
Parameters: status - the exit status

Copyright © 2015–2017. All rights reserved.